Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20840

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen.

Published

2024-03-05T05:15:12.363

Last Modified

2025-02-14T17:27:27.583

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.7 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	samsung	voice_recorder	< 21.5.16.01	Yes
Operating System	google	android	12.0	No
Operating System	google	android	13.0	No
Application	samsung	voice_recorder	< 21.4.51.02	Yes
Operating System	google	android	14.0	No

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03 Vendor Advisory ([email protected])
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)